A fundamental problem in intrusion detection is what metric(s) can be used to
objectively evaluate an intrusion detection system (IDS) in terms of its ability to 
correctly classify events as normal or intrusive. Traditional metrics (e.g., true 
positive ... 

In 1987, Dorothy Denning published the seminal paper on anomaly detection as
applied to intrusion detection on a single system. Her paper sparked a new paradigm 
in intrusion detection research with the notion that malicious behavior could be 
distinguished ... 

Early systems for networked intrusion detection (or, more generally, intrusion or
misuse management) required either a centralized architecture or a centralized 
decision-making point, even when the data gathering was distributed. More recently, 
researchers ... 

Detection of routing-based attacks is difficult because malicious routing behavior can
be identified only in specific network locations. In addition, the configuration of the
signatures used by intrusion detection sensors is a time-consuming and
error-prone ...

Many network intrusion detection systems (NIDS) use byte sequences as signatures
to detect malicious activity. While being highly efficient, they tend to suffer from a 
high false-positive rate. We develop the concept of contextual signatures as ... 

signatures, snort



A new intrusion detection system using support vector machines

Latifur Khan, Mamoun Awad, Bhavani Thuraisingham 

October 2007, The VLDB Journal — The International Journal on Very Large Data Bases, Volume 16 Issue 4

Publisher: Springer-Verlag New York, Inc. 




Bibliometrics: Downloads (6 Weeks): 38, Downloads (12 Months): 49, Citation Count: 0 

Whenever an intrusion occurs, the security and value of a computer system is 
compromised. Network-based attacks make it difficult for legitimate users to access 
various network services by purposely occupying or sabotaging network resources 
and services. ... 

Intrusion detection (ID) is an important component of infrastructure protection
mechanisms. Intrusion detection systems (IDSs) need to be accurate, adaptive, and 
extensible. Given these requirements and the complexities of today's network 
environments, ... 

Intrusion detection systems (IDSs) are used to detect traces of malicious activities
targeted against the network and its resources. Anomaly-based IDSs build models of 
the expected behavior of applications by analyzing events that are generated 
during ... 

With the rapid increase of network threats and cyber attacks, network security
problem is becoming more and more serious. Network anomaly detection is a key 
technique to secure information systems and resist cyber attacks. In this paper, we 
first propose ... 

Sampling techniques are widely used for traffic measurements at high link speed to
conserve router resources. Traditionally, sampled traffic data is used for network 
management tasks such as traffic matrix estimations, but recently it has also been 
used ... 

Network intrusions have been a fact of life in the Internet for many years. However,
as is the case with many other types of Internet-wide phenomena, gaining insight 
into the global characteristics of intrusions is challenging. In this paper we ... 

Packet traces of operational Internet traffic are invaluable to network research, but
public sharing of such traces is severely limited by the need to first remove all 
sensitive information. Current trace anonymization technology leaves only the 
packet ... 

Recently, network security has become an extremely vital issue that beckons the
development of accurate and efficient solutions capable of effectively defending our 
network systems and the valuable information journeying through them. In this 
article, ... 

Artificial immune systems have previously been applied to the problem of intrusion
detection. The aim of this research is to develop an intrusion detection system based 
on the function of Dendritic Cells (DCs). DCs are antigen presenting cells and key ... 

Intrusion detection is a critical component of secure information systems. Network
anomaly detection has been an active and difficult research topic in the field of 
Intrusion Detection for many years. However, it still has some problems unresolved. 
They ... 

Understanding strategies of attacks is crucial for security applications such as
computer and network forensics, intrusion response, and prevention of future 
attacks. This paper presents techniques to automatically learn attack strategies from 
correlated ... 

We present and evaluate a NIC-based network intrusion detection system. Intrusion
detection at the NIC makes the system potentially tamper-proof and is naturally 
extensible to work in a distributed setting. Simple anomaly detection and signature 
detection ... 

Network Intrusion Detection Systems (NIDSs) can be composed of a potentially large
number of sensors, which monitor the traffic flowing in the network. Deciding where 
sensors should be placed and what information they need in order to detect ... 

In 1998 and again in 1999, the Lincoln Laboratory of MIT conducted a comparative
evaluation of intrusion detection systems (IDSs) developed under DARPA funding. 
While this evaluation represents a significant and monumental undertaking, there are 
a number ... 

Traditional intrusion detection systems (IDSs) focus on low-level attacks or
anomalies, and raise alerts independently, though there may be logical connections 
between them. In situations where there are intensive intrusions, not only will actual 
alerts ... 